private function auth($user, $pass)
{
$error = '';
$t = Variable::get('host_ban_time');
if ($t > 0) {
$fails = DB::GetOne('SELECT count(*) FROM user_login_ban WHERE failed_on>%d AND from_addr=%s', array(time() - $t, $_SERVER['REMOTE_ADDR']));
if ($fails >= 3) {
$error = 'Host banned.';
}
}
if ($error === '') {
$ret = Base_User_LoginCommon::check_login($user, $pass);
if (!$ret) {
$error = 'Login failed.';
if ($t > 0) {
DB::Execute('DELETE FROM user_login_ban WHERE failed_on<=%d', array(time() - $t));
DB::Execute('INSERT INTO user_login_ban(failed_on,from_addr) VALUES(%d,%s)', array(time(), $_SERVER['REMOTE_ADDR']));
$fails = DB::GetOne('SELECT count(*) FROM user_login_ban WHERE failed_on>%d AND from_addr=%s', array(time() - $t, $_SERVER['REMOTE_ADDR']));
if ($fails >= 3) {
$error .= ' Host banned.';
}
}
} else {
$uid = Base_UserCommon::get_user_id($user);
Acl::set_user($uid, true);
}
}
return $error;
}
public static function submit_login($x)
{
$username = $x[0];
$pass = $x[1];
$ret = Base_User_LoginCommon::check_login($username, $pass);
if (!$ret) {
$limit_exceeded = self::log_failed_login($username);
if ($limit_exceeded) {
location(array());
}
}
return $ret;
}
public function check_old_pass($pass)
{
return Base_User_LoginCommon::check_login(Base_UserCommon::get_my_user_login(), $pass);
}